<?php
/*
+-----------------------------------------------------------------------------+
| $Id: *.php 2009-08-18 08:41:22Z Bleakwind $
| Copyright (c) 2003-2010 Bleakwind (www.weaverdream.com)
| http://www.weaverdream.com/
+-----------------------------------------------------------------------------+
*/
//$bwajax->configure('debug',true);

if (!defined( 'ENTRY_INDEX')){
    echo "<h1>Forbidden</h1><p>You don't have permission to access on this server.</p>";
    exit;
}

$setting_cover['length']    = 40;
$setting_cover['size']      = 2097152;
$setting_cover['type']      = ".gif,.jpg,.png";
$setting_cover['dir']       = date("Y")."/".date("Ym")."/".date("Ymd")."/";

$setting_attach['length']   = 40;
$setting_attach['size']     = 2097152;
$setting_attach['type']     = ".gif,.jpg,.png,.swf,.pdf,.doc,.ppt,.zip,.rar";
$setting_attach['dir']      = date("Y")."/".date("Ym")."/".date("Ymd")."/";

$sys->get['channel_id'] = !preg_match("/^[1-9][0-9]*$/",$sys->get['channel_id']) ? "0" : (int)$sys->get['channel_id'];
$sys->return_channel_current($sys->get['channel_id']);
$t->assign(array(
    "sort_current" => $sys->channel_current,
));

// Public ajax
if($sys->get['ope'] == "if_elite"){
    // check the post
    if (!preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['topic_id'])){
        $sys->prompt("failed","非法操作!<!-- topic_id error -->");
    } elseif (!preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['channel_id'])){
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    } elseif (!preg_match("/^[123]{1}$/",$sys->get['if_elite'])) {
        $sys->prompt("failed","非法操作!<!-- if_elite error -->");
    } else {

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['topic'] != "1" && ($ADMIN['ag_privilege']['topic'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sql_data = array(
                "if_elite" => $sys->get['if_elite'],
            );
            $result = func::db_update(DB_TABLE_TOPIC, $sql_data, "id='".$sys->get['topic_id']."'");
            if (!$result) {
                $sys->prompt("failed","非法操作!<!-- db_update failed -->");
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=topic&channel_id=".$sys->get['channel_id']."&pag=".$sys->get['pag']);
   }

}elseif($sys->get['ope'] == "if_top"){
    // check the post
    if (!preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['topic_id'])){
        $sys->prompt("failed","非法操作!<!-- topic_id error -->");
    } elseif (!preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['channel_id'])){
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    } elseif (!preg_match("/^[123]{1}$/",$sys->get['if_top'])) {
        $sys->prompt("failed","非法操作!<!-- if_top error -->");
    } else {

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['topic'] != "1" && ($ADMIN['ag_privilege']['topic'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sql_data = array(
                "if_top" => $sys->get['if_top'],
            );
            $result = func::db_update(DB_TABLE_TOPIC, $sql_data, "id='".$sys->get['topic_id']."'");
            if (!$result) {
                $sys->prompt("failed","非法操作!<!-- db_update failed -->");
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=topic&channel_id=".$sys->get['channel_id']."&pag=".$sys->get['pag']);
   }

}elseif($sys->get['ope'] == "if_close"){
    // check the post
    if (!preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['topic_id'])){
        $sys->prompt("failed","非法操作!<!-- topic_id error -->");
    } elseif (!preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['channel_id'])){
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    } elseif (!preg_match("/^[123]{1}$/",$sys->get['if_close'])) {
        $sys->prompt("failed","非法操作!<!-- if_close error -->");
    } else {

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['topic'] != "1" && ($ADMIN['ag_privilege']['topic'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sql_data = array(
                "if_close" => $sys->get['if_close'],
            );
            $result = func::db_update(DB_TABLE_TOPIC, $sql_data, "id='".$sys->get['topic_id']."'");
            if (!$result) {
                $sys->prompt("failed","非法操作!<!-- db_update failed -->");
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=topic&channel_id=".$sys->get['channel_id']."&pag=".$sys->get['pag']);
   }

}elseif($sys->get['ope'] == "move"){
    // check the post
    if (!preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['topic_id'])){
        $sys->prompt("failed","非法操作!<!-- topic_id error -->");
    } elseif (!preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['channel_id'])){
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    }else{

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        $topic_list     = func::db_select(DB_TABLE_TOPIC, "*", "id=".$sys->get['topic_id']);
        $topic_list     = $topic_list[0];
        if (!preg_match("/^[1-9][0-9]{0,10}$/",$topic_list['id'])) {
            $sys->prompt("failed","此帖不存在!<!-- topic_id error -->");
        } elseif (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['topic'] != "1" && ($ADMIN['ag_privilege']['topic'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sys->channel_tree = array();
            $channel_tree_from = $sys->return_channel_tree((int)$topic_list['channel_id']);
            $sys->channel_tree = array();
            $channel_tree_to   = $sys->return_channel_tree();

            $channel_tree_to[$topic_list['channel_id']]['disable'] = "1";

            $t->assign(array(
                "channel_tree_from"    => $channel_tree_from,
                "channel_tree_to"      => $channel_tree_to,
            ));
        }
    }
}elseif($sys->get['ope'] == "save_move"){
    // check the post
    if (!preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['topic_id'])){
        $sys->prompt("failed","非法操作!<!-- topic_id error -->");
    } elseif (!preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['channel_id'])){
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    }elseif(!preg_match("/^[1-9][0-9]{0,10}$/i",$sys->post['channel_tree_to'])){
        $sys->prompt("failed","目的类别格式错误,目的类别只能为数字!");
    }else{

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        $topic_info     = func::db_select(DB_TABLE_TOPIC, "*", "id=".$sys->get['topic_id']);
        $topic_info     = $topic_info[0];
        if (!preg_match("/^[1-9][0-9]{0,10}$/",$topic_info['id'])) {
            $sys->prompt("failed","此帖不存在!<!-- topic_id error -->");
        } elseif (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['topic'] != "1" && ($ADMIN['ag_privilege']['topic'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $count_record_to = func::db_count_record(DB_TABLE_TOPIC, "id=".$topic_info['id']." AND channel_id=".$sys->post['channel_tree_to']);
            if ($count_record_to > 0) {
                $sys->prompt("failed","目的类别已经存在此帖子!<!-- same sort -->");
            } else {
                $sql_data = array(
                    "channel_id" => $sys->post['channel_tree_to'],
                );
                $result = func::db_update(DB_TABLE_TOPIC, $sql_data, "id='".$sys->get['topic_id']."'");
                if (!$result) {
                    $sys->prompt("failed","移动发生错误!<!-- db_update failed -->");
                }
                $sql_data = array(
                    "number_total_topic"        => "number_total_topic-1",
                    "number_total_post"         => "number_total_post-".($topic_info['number_reply']+1)."",
                    "number_today_topic"        => "number_today_topic-1",
                    "number_today_post"         => "number_today_post-".($topic_info['number_reply']+1)."",
                );
                $result = func::db_update(DB_TABLE_CHANNEL, $sql_data, "id=".(int)$topic_info['channel_id']."");
                if (!$result) {
                    $sys->prompt("failed","更新版块数据库发生错误!<!-- DB_TABLE_CHANNEL failed -->");
                }
                $sql_data = array(
                    "number_total_topic"        => "number_total_topic+1",
                    "number_total_post"         => "number_total_post+".($topic_info['number_reply']+1)."",
                    "number_today_topic"        => "number_today_topic+1",
                    "number_today_post"         => "number_today_post+".($topic_info['number_reply']+1)."",
                );
                $result = func::db_update(DB_TABLE_CHANNEL, $sql_data, "id=".(int)$sys->post['channel_tree_to']."");
                if (!$result) {
                    $sys->prompt("failed","更新版块数据库发生错误!<!-- DB_TABLE_CHANNEL failed -->");
                }
                if ( !$sys->update_channel_last((int)$topic_info['channel_id']) ) {
                    $sys->prompt("failed","更新版块数据库发生错误!<!-- DB_TABLE_CHANNEL failed -->");
                }
                if ( !$sys->update_channel_last((int)$sys->post['channel_tree_to']) ) {
                    $sys->prompt("failed","更新版块数据库发生错误!<!-- DB_TABLE_CHANNEL failed -->");
                }
                $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=topic&channel_id=".$sys->get['channel_id']."&pag=".$sys->get['pag']);
            }
        }
    }

}elseif($sys->get['ope'] == "del"){
    // check the post
    if (!preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['channel_id'])){
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    }else{

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['topic'] != "1" && ($ADMIN['ag_privilege']['topic'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $this_array = array();
            if (!empty($sys->get['topic_id'])){
                if (is_array($sys->get['topic_id'])) {
                    foreach ($sys->get['topic_id'] as $v) {
                        if (preg_match("/^[1-9][0-9]{0,10}$/",$v)) {
                            $this_array[$v] = $v;
                        }
                    }
                } else {
                    if (preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['topic_id'])) {
                        $this_array[$sys->get['topic_id']] = $sys->get['topic_id'];
                    }
                }
            }
            if (!empty($sys->post['topic_id'])){
                if (is_array($sys->post['topic_id'])) {
                    foreach ($sys->post['topic_id'] as $v) {
                        if (preg_match("/^[1-9][0-9]{0,10}$/",$v)) {
                            $this_array[$v] = $v;
                        }
                    }
                } else {
                    if (preg_match("/^[1-9][0-9]{0,10}$/",$sys->post['topic_id'])) {
                        $this_array[$sys->post['topic_id']] = $sys->post['topic_id'];
                    }
                }
            }

            if (!empty($sys->get['choice'])){
                if (is_array($sys->get['choice'])) {
                    foreach ($sys->get['choice'] as $v) {
                        if (preg_match("/^[1-9][0-9]{0,10}$/",$v)) {
                            $this_array[$v] = $v;
                        }
                    }
                } else {
                    if (preg_match("/^[1-9][0-9]{0,10}$/",$sys->get['choice'])) {
                        $this_array[$sys->get['choice']] = $sys->get['choice'];
                    }
                }
            }
            if (!empty($sys->post['choice'])){
                if (is_array($sys->post['choice'])) {
                    foreach ($sys->post['choice'] as $v) {
                        if (preg_match("/^[1-9][0-9]{0,10}$/",$v)) {
                            $this_array[$v] = $v;
                        }
                    }
                } else {
                    if (preg_match("/^[1-9][0-9]{0,10}$/",$sys->post['choice'])) {
                        $this_array[$sys->post['choice']] = $sys->post['choice'];
                    }
                }
            }
            if (!empty($this_array)) {
                foreach ($this_array as $v) {
                    $topic_info = func::db_select(DB_TABLE_TOPIC, "*", "id=".$v);
                    $topic_info = $topic_info[0];

                    if (!preg_match("/^[1-9][0-9]{0,10}$/",$topic_info['id'])) {
                        $sys->prompt("failed","此帖不存在[".$v."]!<!-- topic_id error -->");
                    } else {

                        $result = func::db_delete(DB_TABLE_TOPIC, "id=".$v."");
                        if (!$result) {
                            $sys->prompt("failed","帖子删除失败[".$v."]!<!-- db_delete failed -->");
                        } else {
                            $sql = "SELECT post_attach.* 
                                    FROM ".DB_TABLE_POST_ATTACH." post_attach 
                                        LEFT JOIN ".DB_TABLE_POST." post ON post.id=post_attach.post_id 
                                    WHERE post.topic_id=".$v."
                                    ORDER BY id desc";
                            $result = &$db->Execute($sql);
                            if (!$result) {
                                echo $db->ErrorMsg();
                            } else {
                                while (!$result->EOF) {
                                    $filelist[] = array(
                                        'id'        => $result->fields['id'],
                                        'dir'       => $result->fields['dir'],
                                        'filename'  => $result->fields['filename'],
                                        'post_id'   => $result->fields['post_id'],
                                        'admin_id'  => $result->fields['admin_id'],
                                    );
                                    $result->MoveNext();
                                }
                            }
                            if (!empty($filelist)){
                                foreach($filelist as $file){
                                    chmod($SETTING['dir_post_attach']."/".$file['dir']."/".$file['filename'], $SETTING['chmod_mode_file']);
                                    unlink($SETTING['dir_post_attach']."/".$file['dir']."/".$file['filename']);
                                }
                                $sql = "DELETE post_attach 
                                        FROM ".DB_TABLE_POST_ATTACH." post_attach 
                                            LEFT JOIN ".DB_TABLE_POST." post ON post.id=post_attach.post_id 
                                        WHERE post.topic_id=".$v;
                                $result = &$db->Execute($sql);
                                if (!$result) {
                                    $sys->prompt("failed","附件数据库信息删除失败[".$v."]!<!-- DB_TABLE_POST_ATTACH delete failed -->");
                                }
                            }
                            $result = func::db_delete(DB_TABLE_TOPIC_TRANS, "topic_id=".$v."");
                            if (!$result) {
                                $sys->prompt("failed","横向分类数据库删除失败[".$v."]!<!-- DB_TABLE_TOPIC_TRANS delete failed -->");
                            }
                            $sql_data = array(
                                "number_total_topic"        => "number_total_topic-1",
                                "number_total_post"         => "number_total_post-".($topic_info['number_reply']+1)."",
                                "number_today_topic"        => "number_today_topic-1",
                                "number_today_post"         => "number_today_post-".($topic_info['number_reply']+1)."",
                            );
                            $result = func::db_update(DB_TABLE_CHANNEL, $sql_data, "id=".(int)$topic_info['channel_id']."");
                            if (!$result) {
                                $sys->prompt("failed","更新版块数据库发生错误!<!-- DB_TABLE_CHANNEL failed -->");
                            }
                            if ( !$sys->update_channel_last((int)$topic_info['channel_id']) ) {
                                $sys->prompt("failed","更新版块数据库发生错误!<!-- DB_TABLE_CHANNEL failed -->");
                            }
                        }
                    }
                }
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=topic&channel_id=".$sys->get['channel_id']."&pag=".$sys->get['pag']);
    }

} else {

    if( !preg_match("/^[1-9][0-9]*$/",$sys->get['channel_id'])  ){
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    }else{

        $channel_info  = $sys->return_channel_info($sys->get['channel_id']);
        
        if (preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->return_channel_sub($channel_info['id']);
            $sys->return_channel_allsub($channel_info['id']);

            /* all sub record
            if( !empty($sys->channel_allsub) ) {
                $channel_allsub = implode(",", array_keys($sys->channel_allsub));
                $where       = " AND topic.channel_id IN (".$channel_allsub.")";
                $where_total = " AND channel_id IN (".$channel_allsub.")";
            } else {
                $where       = "";
                $where_total = "";
            }
            */

            $where          = " AND topic.channel_id=".$channel_info['id']."";
            $where_total    = " AND channel_id=".$channel_info['id']."";

            $where          = substr(trim($where), 0, 3) == "AND" ? substr(trim($where), 3) : trim($where);
            $where_total    = substr(trim($where_total), 0, 3) == "AND" ? substr(trim($where_total), 3) : trim($where_total);
            $where          = $where != "" ? "WHERE ".$where : "";

            $total_record = func::db_count_record(DB_TABLE_TOPIC, $where_total);
            $bwpage->set_record_listnum("20");
            $bwpage->set_record($total_record);
            $bwpage->page($CONFIGURE['common']['control_admin']."?act=topic&channel_id=".$channel_info['id']."&pag=%s");
            $sql = "SELECT topic.*
                    FROM ".DB_TABLE_TOPIC." topic
                    ".$where."
                    ORDER BY topic.if_top, topic.rank DESC, topic.post_time DESC
                    LIMIT ".$bwpage->record_listfirst.",".$bwpage->record_listnum;
            $result = &$db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            } else {
                while (!$result->EOF) {
                    $topic_list[$result->fields['id']] = array(
                        'id'                        => $result->fields['id'],
                        'channel_id'                => $result->fields['channel_id'],
                        'icon'                      => $result->fields['icon'],
                        'subject'                   => $result->fields['subject'],
                        'subject_len'               => mb_strwidth($result->fields['subject'],"UTF-8"),
                        'post_time'                 => $result->fields['post_time'],
                        'post_mid'                  => $result->fields['post_mid'],
                        'post_musername'            => $result->fields['post_musername'],
                        'post_ip'                   => $result->fields['post_ip'],
                        'post_pid'                  => $result->fields['post_pid'],
                        'number_reply'              => $result->fields['number_reply'],
                        'number_click'              => $result->fields['number_click'],
                        'last_time'                 => $result->fields['last_time'],
                        'last_mid'                  => $result->fields['last_mid'],
                        'last_musername'            => $result->fields['last_musername'],
                        'last_pid'                  => $result->fields['last_pid'],
                        'style_color'               => $result->fields['style_color'],
                        'style_fontstyle'           => $result->fields['style_fontstyle'],
                        'style_decoration'          => $result->fields['style_decoration'],
                        'style_begin'               => $result->fields['style_begin'],
                        'style_end'                 => $result->fields['style_end'],
                        'if_elite'                  => $result->fields['if_elite'],
                        'if_elite_begin'            => $result->fields['if_elite_begin'],
                        'if_elite_end'              => $result->fields['if_elite_end'],
                        'if_top'                    => $result->fields['if_top'],
                        'if_top_begin'              => $result->fields['if_top_begin'],
                        'if_top_end'                => $result->fields['if_top_end'],
                        'if_close'                  => $result->fields['if_close'],
                        'if_close_begin'            => $result->fields['if_close_begin'],
                        'if_close_end'              => $result->fields['if_close_end'],
                        'if_move'                   => $result->fields['if_move'],
                        'if_move_id'                => $result->fields['if_move_id'],
                        'if_del'                    => $result->fields['if_del'],
                        'rank'                      => $result->fields['rank'],
                    );
                    $sql_trans = "SELECT topic_trans.trans_group_id, topic_trans.trans_id,trans.name as trans_name, trans_group.name as trans_group_name
                            FROM ".DB_TABLE_TOPIC_TRANS." topic_trans
                                LEFT JOIN ".DB_TABLE_TRANS." trans ON trans.id=topic_trans.trans_id
                                LEFT JOIN ".DB_TABLE_TRANS_GROUP." trans_group ON trans_group.id=topic_trans.trans_group_id
                            WHERE topic_trans.topic_id=".$result->fields['id']."
                            ORDER BY trans_group.rank";
                    $result_trans = &$db->Execute($sql_trans);
                    if (!$result_trans) {
                        echo $db->ErrorMsg();
                    } else {
                        while (!$result_trans->EOF) {
                            $topic_list[$result->fields['id']]['trans'][] = array(
                                'trans_group_id'    => $result_trans->fields['trans_group_id'],
                                'trans_id'          => $result_trans->fields['trans_id'],
                                'trans_name'        => $result_trans->fields['trans_name'],
                                'trans_group_name'  => $result_trans->fields['trans_group_name'],
                            );
                            $result_trans->MoveNext();
                        }
                    }
                    $result->MoveNext();
                }
            }

            $t->assign(array(
                "topic_list"    => $topic_list,
                "pagination"    => $bwpage->pagination,
            ));
        }
        $t->assign(array(
            "channel_info"      => $channel_info,
            "channel_sub"       => $sys->channel_sub,
            "channel_allsub"    => $sys->channel_allsub,
        ));
    }
}
?>
